Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF2D020069CC11EFBEEFCC69C4F9AE02.roa
File: EF2D020069CC11EFBEEFCC69C4F9AE02.roa (raw, json)
Hash identifier: JwqZ47RvACO9uznCpTmB3C4ZLe1yxzcMJl7iacdRuEQ=
Subject key identifier: 56:1D:6A:6F:12:63:30:09:07:B3:AE:BC:06:DF:2D:F7:8C:6F:6C:BC
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 06D8
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF2D020069CC11EFBEEFCC69C4F9AE02.roa
Signing time: Tue 03 Dec 2024 07:43:36 +0000
ROA not before: Tue 03 Dec 2024 07:43:36 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 62610
IP address blocks: 36.255.195.0/24 maxlen: 24
150.107.0.0/24 maxlen: 24
150.129.42.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1752 (0x6d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Dec 3 07:43:36 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=674eb6a8-a95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:29:e1:20:3f:48:9d:93:d9:9d:84:1f:b7:05:
17:b2:21:6b:19:6f:b9:47:e6:74:1a:e2:70:ce:f2:
23:91:c5:cb:d7:73:ca:ed:15:03:c5:48:48:f2:97:
f1:22:7d:ac:38:38:3e:e6:4a:fe:47:e0:57:c3:a5:
4b:83:75:78:8b:54:0e:30:93:5d:ec:43:03:06:e6:
3e:d2:3f:19:5f:01:29:e3:f8:56:d2:16:21:4f:34:
e4:87:e3:8d:e9:f0:02:42:9b:1e:ac:64:94:ca:08:
da:bb:b2:1b:a4:b2:b0:db:03:e0:81:21:12:22:94:
e0:05:5a:39:8c:24:1c:5b:8b:1a:03:d7:42:68:fd:
60:0d:d6:c5:d7:3a:d1:cf:6c:14:b6:43:5f:d7:3f:
f0:d7:69:ce:0f:c1:25:bf:2a:9c:39:fa:bb:8a:bd:
02:11:60:62:12:61:5d:58:12:e2:66:43:41:dc:9f:
77:d0:98:a6:bd:8b:8d:43:f8:7b:61:15:e4:f7:3a:
2c:8e:e1:30:07:db:3e:c4:b2:70:bf:eb:57:39:76:
c7:41:68:7b:f5:3b:88:b1:2f:cb:37:30:2c:f8:c3:
c5:33:cb:25:94:9c:0b:0f:e6:a8:26:07:21:3e:ea:
82:8e:fb:b6:e9:03:d8:3d:b9:22:01:04:23:3e:c9:
c7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1D:6A:6F:12:63:30:09:07:B3:AE:BC:06:DF:2D:F7:8C:6F:6C:BC
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/EF2D020069CC11EFBEEFCC69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.195.0/24
150.107.0.0/24
150.129.42.0/24
Signature Algorithm: sha256WithRSAEncryption
71:e0:11:ea:76:e3:8d:3d:9f:5f:65:76:cc:07:c4:49:10:71:
b2:26:8b:82:c5:24:65:20:72:88:4c:48:1d:55:99:33:22:86:
83:69:35:65:d7:99:78:92:22:5e:ab:28:5e:97:21:51:3b:5a:
29:ac:8e:8a:09:58:6b:70:02:96:83:78:6c:f6:0e:88:fc:8d:
e6:54:49:57:c2:4a:42:fe:ea:60:d5:e3:2e:6b:81:1a:c5:15:
b7:4f:b6:1e:be:c8:7c:ef:a7:5f:ce:5e:28:bf:e6:f0:f9:7e:
36:a9:20:fa:3c:50:36:9f:47:99:4a:c7:38:5f:b1:24:20:94:
fb:71:a4:75:a7:77:21:aa:4e:73:4a:09:d4:97:a6:6a:26:58:
9d:61:be:9f:48:a5:87:f7:07:ee:60:65:e0:f7:d9:82:0a:98:
fd:b7:af:84:d4:7d:e7:45:7c:96:47:c4:12:a9:86:a2:be:e4:
b8:32:79:e8:de:a4:22:57:a8:29:c9:40:1e:a2:ea:d9:d6:eb:
f9:cc:b7:0a:dc:c2:d2:be:10:c5:79:50:c2:bd:86:e8:0b:ce:
dd:5c:56:03:e6:0d:91:e5:6f:ef:a1:b2:aa:70:0b:0b:65:a5:
91:3d:a3:8f:7c:59:14:ba:e8:78:a6:9e:db:82:21:2d:7c:8f:
70:34:a9:c9
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQxMjAzMDc0MzM2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlYjZhOC1hOTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1SnhID9InZPZnYQftwUXsiFrGW+5R+Z0GuJwzvIjkcXL13PK7RUDxUhI8pfx
In2sODg+5kr+R+BXw6VLg3V4i1QOMJNd7EMDBuY+0j8ZXwEp4/hW0hYhTzTkh+ON
6fACQpserGSUygjau7IbpLKw2wPggSESIpTgBVo5jCQcW4saA9dCaP1gDdbF1zrR
z2wUtkNf1z/w12nOD8ElvyqcOfq7ir0CEWBiEmFdWBLiZkNB3J930JimvYuNQ/h7
YRXk9zosjuEwB9s+xLJwv+tXOXbHQWh79TuIsS/LNzAs+MPFM8sllJwLD+aoJgch
PuqCjvu26QPYPbkiAQQjPsnH1QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFYdam8S
YzAJB7OuvAbfLfeMb2y8MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRUYyRDAyMDA2
OUNDMTFFRkJFRUZDQzY5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAk/8MDBACWawADBACWgSowDQYJKoZIhvcNAQELBQADggEB
AHHgEep24409n19ldswHxEkQcbImi4LFJGUgcohMSB1VmTMihoNpNWXXmXiSIl6r
KF6XIVE7WimsjooJWGtwApaDeGz2Doj8jeZUSVfCSkL+6mDV4y5rgRrFFbdPth6+
yHzvp1/OXii/5vD5fjapIPo8UDafR5lKxzhfsSQglPtxpHWndyGqTnNKCdSXpmom
WJ1hvp9IpYf3B+5gZeD32YIKmP23r4TUfedFfJZHxBKphqK+5LgyeejepCJXqCnJ
QB6i6tnW6/nMtwrcwtK+EMV5UMK9hugLzt1cVgPmDZHlb++hsqpwCwtlpZE9o498
WRS66HimntuCIS18j3A0qck=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:32 2025 by rpki-client